Thegrideon Software. One less reason to worry.

Multi-Position Modification

Multi-Position Mod Example 1

Example 1:
Let's say there is no information about the password except for charset "0..9A..Za..z" and the fact that only one character is numeric and one is capitalized. Letís say the password length is 8 chars (very common password complexity policy).
Brute-force attack for 8 chars with charset "0..9A..Za..z" is 62^8 passwords to verify.
5 parts mixed attack:
1) <unknown> - 6 chars with charset "a..z".
2) <number> - brute-force 1char long "0..9" charset.
3) multi-position mod (applied to step 2)
4) <cap> - 1 char with "A..Z" charset.
5) multi-position mod (applied to step 4)
This mixed attack is: 26^6 * (10*7) * (26*8) passwords. Actually it is around 2% from the full brute-force search.

Multi-Position Mod Example 2

Example 2:
Let's say one uppercase, one numeric and one special char: Brute-force attack for 8 chars with charset "0..9A..Za..z" + "!...~" is now 94^8 passwords to verify.
7 parts mixed attack:
1) <unknown> - 5 chars with charset "a..z".
2) <number> - brute-force 1char long "0..9" charset.
3) multi-position mod (applied to step 2)
4) <cap> - 1 char with "A..Z" charset.
5) multi-position mod (applied to step 4)
6) <special> - 1 char with "!..~" charset.
7) multi-position mod (applied to step 6)
This mixed attack is: 26^5 * (10*6) * (26*7) * (32*8) passwords and it is less than 1% from the full brute-force search.

Copyright © 2003-2018 .
Thegrideon Software and Thegrideon Service are trademarks of Thegrideon Corp. Terms of use | Privacy.
All trademarks, logos, product names & pictures mentioned or displayed herein are the property of their respective holders.